authorBenjamin Dauvergne <bdauvergne@entrouvert.com>2018-06-27 17:27:33 (GMT)
committerBenjamin Dauvergne <bdauvergne@entrouvert.com>2018-06-28 08:30:53 (GMT)
commite29de3160d71d215be51f74783006d382f366f97 (patch)
tree9571081c839d1fa62abbecf4ab8ede8fc3521a33
parenteb6e0e23b4f984d77c014d45a375b3474ced34e2 (diff)
tools: fix segfault in lasso_get_saml_message (fixes #24830)
We reuse the "message" local variable but we should not. Also fix a segfault in lasso_xmltextreader_from_message() when getting the length of "message" before checking if it is NULL or not.
-rw-r--r--lasso/xml/tools.c7
-rw-r--r--tests/basic_tests.c8
2 files changed, 11 insertions, 4 deletions
diff --git a/lasso/xml/tools.c b/lasso/xml/tools.c
index 93e8029..6a9ce18 100644
--- a/lasso/xml/tools.c
+++ b/lasso/xml/tools.c
@@ -3056,6 +3056,7 @@ lasso_get_saml_message(xmlChar **query_fields) {
int i = 0;
char *enc = NULL;
char *message = NULL;
+ char *saml_message = NULL;
char *decoded_message = NULL;
xmlChar *field = NULL;
char *t = NULL;
@@ -3096,12 +3097,12 @@ lasso_get_saml_message(xmlChar **query_fields) {
goto cleanup;
}
/* rc contains the length of the result */
- message = (char*)lasso_inflate((unsigned char*) decoded_message, rc);
+ saml_message = (char*)lasso_inflate((unsigned char*) decoded_message, rc);
cleanup:
if (decoded_message) {
lasso_release(decoded_message);
}
- return message;
+ return saml_message;
}
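Review bot: The declarations in lasso_get_saml_message do not say that `message` and `saml_message` have different ownership, which is what made the original reuse easy to write. `saml_message` is the only value returned, and the caller in the next hunk stores it in `*to_free`, so it is presumably freed by the caller. `message` is no longer returned; its assignments are outside the hunk, so its role as a working pointer should be confirmed there. A comment on the declaration added in the previous hunk would keep the two from being merged again, for example `/* inflated result, owned by the caller; stays NULL on every error path */`.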
/**
@@ -3126,10 +3127,10 @@ lasso_xmltextreader_from_message(const char *message, char **to_free) {
if (needle && message[len-1] != '=') {
query_fields = lasso_urlencoded_to_strings(message);
message = *to_free = lasso_get_saml_message(query_fields);
- len = strlen(message);
if (! message) {
goto cleanup;
}
+ len = strlen(message);
} else { /* POST */
int rc = 0;
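Review bot: The context condition `needle && message[len-1] != '='` at the top of this hunk depends on an invariant that is not written down, and the new test now passes an empty string into this function. With `len == 0` the index `message[len-1]` is in bounds only because `needle` is tested first. That holds if `needle` comes from a search inside `message`, but the computation of `needle` and the initial `len` is outside the hunk, so this is an assumption to confirm. A one-line comment would pin it, for example `/* needle != NULL implies len >= 1, so message[len-1] is in bounds */`. It is also worth a short comment on the moved line that lasso_get_saml_message() returns NULL on any decode failure, so the NULL check has to precede `strlen()`.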
diff --git a/tests/basic_tests.c b/tests/basic_tests.c
index 398d789..c08cab6 100644
--- a/tests/basic_tests.c
+++ b/tests/basic_tests.c
@@ -2082,7 +2082,7 @@ START_TEST(test15_ds_key_info)
}
END_TEST
-/* test load federation */
+/* test get issuer */
START_TEST(test16_test_get_issuer)
{
char *content = NULL;
@@ -2169,6 +2169,12 @@ START_TEST(test16_test_get_issuer)
lasso_release_gobject(spLoginContext);
lasso_release_gobject(spServerContext);
+ begin_check_do_log("Lasso", G_LOG_LEVEL_DEBUG, "could not decode POST SAML message", TRUE);
+ check_null(lasso_profile_get_issuer(""));
+ end_check_do_log("Lasso");
+ begin_check_do_log("Lasso", G_LOG_LEVEL_DEBUG, "message is not base64", TRUE);
+ check_null(lasso_profile_get_issuer("SAMLRequest=!!hello!!"));
+ end_check_do_log("Lasso");
}
END_TEST
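Review bot: The new assertions in test16_test_get_issuer cover an empty input and a `SAMLRequest` value that is not base64, but not the other routes by which lasso_get_saml_message can return NULL. Two further negative cases would cover the moved `strlen()` call more directly. One is a query string with no SAML field at all (a constructed example: `check_null(lasso_profile_get_issuer("RelayState=x"));`). The other is a value that is valid base64 but not valid deflate data, so that the `lasso_inflate` failure is exercised. Whether these need a `begin_check_do_log`/`end_check_do_log` pair, and with which message, depends on logging code that is not visible in this diff.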